conjur-api 5.3.7.pre.168 → 5.3.8.pre.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (143) hide show
  1. checksums.yaml +4 -4
  2. data/VERSION +1 -1
  3. metadata +21 -190
  4. data/.codeclimate.yml +0 -10
  5. data/.dockerignore +0 -1
  6. data/.github/CODEOWNERS +0 -10
  7. data/.gitignore +0 -32
  8. data/.gitleaks.toml +0 -219
  9. data/.overcommit.yml +0 -16
  10. data/.project +0 -18
  11. data/.rubocop.yml +0 -3
  12. data/.rubocop_settings.yml +0 -86
  13. data/.rubocop_todo.yml +0 -709
  14. data/.yardopts +0 -1
  15. data/CHANGELOG.md +0 -433
  16. data/CONTRIBUTING.md +0 -141
  17. data/Dockerfile +0 -16
  18. data/Gemfile +0 -7
  19. data/Jenkinsfile +0 -167
  20. data/LICENSE +0 -202
  21. data/README.md +0 -162
  22. data/Rakefile +0 -47
  23. data/SECURITY.md +0 -42
  24. data/bin/parse-changelog.sh +0 -12
  25. data/ci/configure_v4.sh +0 -12
  26. data/ci/configure_v5.sh +0 -14
  27. data/ci/submit-coverage +0 -36
  28. data/conjur-api.gemspec +0 -40
  29. data/dev/Dockerfile.dev +0 -12
  30. data/dev/docker-compose.yml +0 -56
  31. data/dev/start +0 -17
  32. data/dev/stop +0 -5
  33. data/docker-compose.yml +0 -76
  34. data/example/demo_v4.rb +0 -49
  35. data/example/demo_v5.rb +0 -57
  36. data/features/authenticators.feature +0 -33
  37. data/features/authn_local.feature +0 -32
  38. data/features/exists.feature +0 -37
  39. data/features/group.feature +0 -11
  40. data/features/host.feature +0 -50
  41. data/features/host_factory_create_host.feature +0 -28
  42. data/features/host_factory_token.feature +0 -63
  43. data/features/load_policy.feature +0 -61
  44. data/features/members.feature +0 -51
  45. data/features/new_api.feature +0 -36
  46. data/features/permitted.feature +0 -70
  47. data/features/permitted_roles.feature +0 -30
  48. data/features/public_keys.feature +0 -11
  49. data/features/resource_fields.feature +0 -53
  50. data/features/role_fields.feature +0 -15
  51. data/features/rotate_api_key.feature +0 -13
  52. data/features/step_definitions/api_steps.rb +0 -18
  53. data/features/step_definitions/policy_steps.rb +0 -75
  54. data/features/step_definitions/result_steps.rb +0 -7
  55. data/features/support/env.rb +0 -18
  56. data/features/support/hooks.rb +0 -3
  57. data/features/support/world.rb +0 -12
  58. data/features/update_password.feature +0 -14
  59. data/features/user.feature +0 -58
  60. data/features/variable_fields.feature +0 -20
  61. data/features/variable_value.feature +0 -60
  62. data/features_v4/authn_local.feature +0 -27
  63. data/features_v4/exists.feature +0 -29
  64. data/features_v4/host.feature +0 -18
  65. data/features_v4/host_factory_token.feature +0 -49
  66. data/features_v4/members.feature +0 -39
  67. data/features_v4/permitted.feature +0 -15
  68. data/features_v4/permitted_roles.feature +0 -8
  69. data/features_v4/resource_fields.feature +0 -47
  70. data/features_v4/rotate_api_key.feature +0 -13
  71. data/features_v4/step_definitions/api_steps.rb +0 -17
  72. data/features_v4/step_definitions/result_steps.rb +0 -3
  73. data/features_v4/support/env.rb +0 -23
  74. data/features_v4/support/policy.yml +0 -34
  75. data/features_v4/support/world.rb +0 -12
  76. data/features_v4/variable_fields.feature +0 -11
  77. data/features_v4/variable_value.feature +0 -54
  78. data/lib/conjur/acts_as_resource.rb +0 -123
  79. data/lib/conjur/acts_as_role.rb +0 -142
  80. data/lib/conjur/acts_as_rolsource.rb +0 -32
  81. data/lib/conjur/acts_as_user.rb +0 -68
  82. data/lib/conjur/api/authenticators.rb +0 -35
  83. data/lib/conjur/api/authn.rb +0 -125
  84. data/lib/conjur/api/host_factories.rb +0 -71
  85. data/lib/conjur/api/ldap_sync.rb +0 -38
  86. data/lib/conjur/api/policies.rb +0 -56
  87. data/lib/conjur/api/pubkeys.rb +0 -53
  88. data/lib/conjur/api/resources.rb +0 -109
  89. data/lib/conjur/api/roles.rb +0 -98
  90. data/lib/conjur/api/router/v4.rb +0 -206
  91. data/lib/conjur/api/router/v5.rb +0 -248
  92. data/lib/conjur/api/variables.rb +0 -59
  93. data/lib/conjur/api.rb +0 -105
  94. data/lib/conjur/base.rb +0 -355
  95. data/lib/conjur/base_object.rb +0 -57
  96. data/lib/conjur/build_object.rb +0 -47
  97. data/lib/conjur/cache.rb +0 -26
  98. data/lib/conjur/cert_utils.rb +0 -63
  99. data/lib/conjur/cidr.rb +0 -71
  100. data/lib/conjur/configuration.rb +0 -460
  101. data/lib/conjur/escape.rb +0 -129
  102. data/lib/conjur/exceptions.rb +0 -4
  103. data/lib/conjur/group.rb +0 -41
  104. data/lib/conjur/has_attributes.rb +0 -98
  105. data/lib/conjur/host.rb +0 -27
  106. data/lib/conjur/host_factory.rb +0 -75
  107. data/lib/conjur/host_factory_token.rb +0 -78
  108. data/lib/conjur/id.rb +0 -71
  109. data/lib/conjur/layer.rb +0 -9
  110. data/lib/conjur/log.rb +0 -72
  111. data/lib/conjur/log_source.rb +0 -60
  112. data/lib/conjur/policy.rb +0 -34
  113. data/lib/conjur/policy_load_result.rb +0 -61
  114. data/lib/conjur/query_string.rb +0 -12
  115. data/lib/conjur/resource.rb +0 -29
  116. data/lib/conjur/role.rb +0 -29
  117. data/lib/conjur/role_grant.rb +0 -85
  118. data/lib/conjur/routing.rb +0 -29
  119. data/lib/conjur/user.rb +0 -40
  120. data/lib/conjur/variable.rb +0 -208
  121. data/lib/conjur/webservice.rb +0 -30
  122. data/lib/conjur-api/version.rb +0 -24
  123. data/lib/conjur-api.rb +0 -2
  124. data/publish.sh +0 -7
  125. data/spec/api/host_factories_spec.rb +0 -34
  126. data/spec/api_spec.rb +0 -254
  127. data/spec/base_object_spec.rb +0 -13
  128. data/spec/cert_utils_spec.rb +0 -173
  129. data/spec/cidr_spec.rb +0 -34
  130. data/spec/configuration_spec.rb +0 -330
  131. data/spec/has_attributes_spec.rb +0 -63
  132. data/spec/helpers/errors_matcher.rb +0 -34
  133. data/spec/helpers/request_helpers.rb +0 -10
  134. data/spec/id_spec.rb +0 -29
  135. data/spec/ldap_sync_spec.rb +0 -21
  136. data/spec/log_source_spec.rb +0 -13
  137. data/spec/log_spec.rb +0 -42
  138. data/spec/roles_spec.rb +0 -24
  139. data/spec/spec_helper.rb +0 -113
  140. data/spec/ssl_spec.rb +0 -109
  141. data/spec/uri_escape_spec.rb +0 -21
  142. data/test.sh +0 -69
  143. data/tmp/.keep +0 -0
data/spec/ssl_spec.rb DELETED
@@ -1,109 +0,0 @@
1
- require 'active_support'
2
- require 'spec_helper'
3
-
4
- require 'helpers/errors_matcher'
5
-
6
- require 'webrick'
7
- require 'webrick/https'
8
-
9
- describe 'SSL connection' do
10
- context 'with an untrusted certificate' do
11
- it 'fails' do
12
- expect { Conjur::API.login 'foo', 'bar', account: "the-account" }.to \
13
- raise_one_of(RestClient::SSLCertificateNotVerified, OpenSSL::SSL::SSLError)
14
- end
15
- end
16
-
17
- context 'with certificate added to the default OpenSSL cert store' do
18
- before do
19
- cert_store.add_cert(cert)
20
- end
21
-
22
- it 'works' do
23
- expect { Conjur::API.login 'foo', 'bar', account: "the-account" }.to raise_error RestClient::ResourceNotFound
24
- end
25
- end
26
-
27
- let(:server) do
28
- server = WEBrick::HTTPServer.new \
29
- Port: 0, SSLEnable: true,
30
- AccessLog: [], Logger: Logger.new('/dev/null'), # shut up, WEBrick
31
- SSLCertificate: cert, SSLPrivateKey: key
32
- end
33
- let(:port) { server.config[:Port] }
34
- let(:cert_store) { OpenSSL::X509::Store.new }
35
-
36
- before do
37
- # Reset configuration to allow each test to use its own stub
38
- # of OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE.
39
- Conjur.configuration = nil
40
- stub_const 'OpenSSL::SSL::SSLContext::DEFAULT_CERT_STORE', cert_store
41
-
42
- allow(Conjur.configuration).to receive(:authn_url).and_return "https://localhost:#{port}"
43
- end
44
-
45
- around do |example|
46
- server_thread = Thread.new do
47
- server.start
48
- end
49
- example.run
50
- server.shutdown
51
- server_thread.join
52
- end
53
-
54
- let(:cert) do
55
- OpenSSL::X509::Certificate.new """
56
- -----BEGIN CERTIFICATE-----
57
- MIIDCzCCAfOgAwIBAgIUaApjB95cJZlMTwDg4EBk4Mf1y4swDQYJKoZIhvcNAQEL
58
- BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MCAXDTIxMDQyODIxNTA1OFoYDzQ3NTkw
59
- MzI1MjE1MDU4WjAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEB
60
- AQUAA4IBDwAwggEKAoIBAQC+MIx1LCzBeAl7kHfI21wYmA6W8luyq14+DecaQPMd
61
- bW7fMlHSMJC/nlFDQyqmfYfKlVCiJRV/QTdUtA9hCytPlEKjlVmm4WIYLKfjj8Sp
62
- A+X9VURk75Fz+Z7UsF8u2J3pF9wFfhBzznwePlFdcWYyQMIRtghoHk/WSsbJVXVQ
63
- so7+0BLFyMYB3otfCyK+H/iyoXWLZll2irYZJedVm/lyTlnc9dT1XDAWWI8kSeUV
64
- lCkEulqOf8qZyU7wNUafRkzBuYkR7ddp1Qdkq+QYw7blmfZXyJbAYSt4gEMyDMk8
65
- ArScP8j+Efz5D54wS7fZFwmQp41+iP5WTxGsSU3dh44fAgMBAAGjUzBRMB0GA1Ud
66
- DgQWBBS4ZJDxXOs8rK3+SyfLopDFqK0IWDAfBgNVHSMEGDAWgBS4ZJDxXOs8rK3+
67
- SyfLopDFqK0IWDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAE
68
- WuzjqQ/gyho/pluX31hq7EMAFgqqz7ECN6DqmvpqabMD6s1kQ662KTo7gCBEcNtA
69
- nC7QycFp4v/Cr8+aUEa1W3+q2MqbmshORonUrLE/vxejK+NUvhSCWnmrM8v60zhR
70
- pn9lSSgQCBKWDgaU0VQVn0I9MuexeAj64Qv2uUHnZK3QUx+Gk3uurTmhKEN5FI+D
71
- sC7xO0qquTZ1Vv1EkLEso4dnFVW84EjdfmfeiW6JmHO7z1p1ebGsRwoQead/qTKw
72
- ze+Y1A1w3GzuhDo55aHlWE/Wvnou0aM3O9gUd++a2j+XJ2P7qaTB/L7SJk4qZ9RA
73
- t2PbKVP+tyZjXKtXmgzp
74
- -----END CERTIFICATE-----
75
- """.lines.map(&:strip).join("\n")
76
- end
77
-
78
- let(:key) do
79
- OpenSSL::PKey.read """
80
- -----BEGIN RSA PRIVATE KEY-----
81
- MIIEowIBAAKCAQEAvjCMdSwswXgJe5B3yNtcGJgOlvJbsqtePg3nGkDzHW1u3zJR
82
- 0jCQv55RQ0Mqpn2HypVQoiUVf0E3VLQPYQsrT5RCo5VZpuFiGCyn44/EqQPl/VVE
83
- ZO+Rc/me1LBfLtid6RfcBX4Qc858Hj5RXXFmMkDCEbYIaB5P1krGyVV1ULKO/tAS
84
- xcjGAd6LXwsivh/4sqF1i2ZZdoq2GSXnVZv5ck5Z3PXU9VwwFliPJEnlFZQpBLpa
85
- jn/KmclO8DVGn0ZMwbmJEe3XadUHZKvkGMO25Zn2V8iWwGEreIBDMgzJPAK0nD/I
86
- /hH8+Q+eMEu32RcJkKeNfoj+Vk8RrElN3YeOHwIDAQABAoIBAQCnW0ctkDqt3/fQ
87
- MHcHWue2iI9GCmvgU+WxC0DSHFcSDQrkAn53S98DjseJPaBZMtr7y9pRY/p/qR6M
88
- PYnO5iotc5QUKEbkjy1nglwV5Zuy8kg+XPq7Kwg+GmjGVZDcQybpRuKIPr8xeIBF
89
- iKbGaBP6ontjZGAPZqTwN4qm/bkm0QRQkMEVQLpBaOlXjl0BCknhCMgyNA1F0jGc
90
- HLqJpFO46qvWDkDaKriMY/ezrkGYxlvV8xGJ2lzoaNWBsQeMXtcDJXuFMJO3lZl4
91
- VUjeNbyPprUzL6/kLZGMVFdRWhzKAluJEy3B6zybY4xxmgmifqn8/OxIaT172IXN
92
- KACuEorpAoGBAOYZEfuON+73dcstpjq3062+XUOxAAc77aFcGFQ2pqDTUtvoR05R
93
- o0uXrSuQqt0/FJVdZqdDx1and6idI7j/LfkOwvmPPg2dJIwKV73T2HdR7BpJaYlI
94
- KS6Bgl0AiW2ibjZJbBFJMiINb2tRGeYcOPfWlis309D2DXxl1f1TJTKTAoGBANOZ
95
- aDH1VJXh7rdAHrwNonTjoCeYKG7oAh0WTfqmCqcBjAkXsVc7dBd/98XKGS5LPRtl
96
- dIaJdYngeYyH5Ey5O2l/63tk0d4sqE8l+GVy+OHFn2AZMuaVXS0JXIQspn4s/U7F
97
- CuawmFszE8fv41WgVNhF00ijheoRz/X19yu0ULHFAoGAYmJZ1AutUtowXZ25M+Yh
98
- 9motCqKF9pHjO1lbdbagbKevCCQ7SPuTLOE/xB7pUAyGyo7TM7XBaAXXHhuCiLlj
99
- eNic+YQL7lpApDhP5/TK28oFf//fxjk6ko4Bpa5zFJOdOE0QjhuT+gdwmpxkzIVI
100
- vn/cWcJXKUPr5ELOyrBgeU0CgYBWqIUbsLWrjJQPSJtNuOfHp1F35cDpausyrmfR
101
- Nx81tlR7hNCEQT0SQr5eqp4Vb4rfJXXLg5A3n08oVp8RLOtAEbuHFYs9ylxDzfEk
102
- 2ylCjYTv/mHyPUmjoCnbl8237wTutZP5VmmPMCPxxjT8ZGVbDX2ySgYWDqV0vf80
103
- TuydYQKBgG24Wpes1CJmKiuWGnPi5I/+iIKZRfpEGidpjnsktkr3O+VZSZNQtDfC
104
- uWp/NgMxzxXxYdmmaQTwektB5axrsPUnxxiHmb8KkVU1IcMpYvUulFYiKVvFx+JJ
105
- bx/fkItCZ4AP3CG2Onz8xZdosg+c+MEdIlCrg94dA1EmHewCt2Hv
106
- -----END RSA PRIVATE KEY-----
107
- """.lines.map(&:strip).join("\n")
108
- end
109
- end
@@ -1,21 +0,0 @@
1
- require 'spec_helper'
2
- require 'conjur/id'
3
- require 'conjur/api/router/v5'
4
-
5
- describe 'url escaping' do
6
- it 'Id to path is escaped' do
7
- id = Conjur::Id.new('cucumber:variable:one two/three')
8
- expect(id.to_url_path).to eq('cucumber/variable/one%20two%2Fthree')
9
- end
10
-
11
- it 'Resources path is escaped' do
12
- request = Conjur::API::Router::V5.resources(nil, 'cucumber/two', 'extended variable', {})
13
- expect(request.url).to eq('http://localhost:5000/resources/cucumber%2Ftwo/extended%20variable/')
14
- end
15
-
16
- it 'Resource path is escaped' do
17
- resource = Conjur::Id.new('cucumber:variable:one two/three')
18
- request = Conjur::API::Router::V5.resources_resource(nil, resource)
19
- expect(request.url).to eq('http://localhost:5000/resources/cucumber/variable/one%20two%2Fthree')
20
- end
21
- end
data/test.sh DELETED
@@ -1,69 +0,0 @@
1
- #!/bin/bash -e
2
-
3
- : "${RUBY_VERSION=3.0}"
4
- # My local RUBY_VERSION is set to ruby-#.#.# so this allows running locally.
5
- RUBY_VERSION="$(cut -d '-' -f 2 <<< "$RUBY_VERSION")"
6
-
7
-
8
- function finish {
9
- echo 'Removing test environment'
10
- echo '---'
11
- docker-compose down --rmi 'local' --volumes
12
- }
13
-
14
- trap finish EXIT
15
-
16
-
17
- function main() {
18
- if ! docker info >/dev/null 2>&1; then
19
- echo "Docker does not seem to be running, run it first and retry"
20
- exit 1
21
- fi
22
- # Generate reports folders locally
23
- mkdir -p spec/reports features/reports features_v4/reports
24
-
25
- startConjur
26
- runTests_5
27
- runTests_4
28
- }
29
-
30
- function startConjur() {
31
- echo 'Starting Conjur environment'
32
- echo '-----'
33
-
34
- # We want to pull to make sure we're testing against the newest release;
35
- # failing to ensure that has caused many mysterious failures in CI.
36
- # However, unconditionally pulling prevents working offline even
37
- # with a warm cache. So try to pull, but ignore failures.
38
- docker-compose pull --ignore-pull-failures
39
- docker-compose build --build-arg RUBY_VERSION="$RUBY_VERSION"
40
- docker-compose up -d pg conjur_4 conjur_5
41
- }
42
-
43
- function runTests_5() {
44
- echo 'Waiting for Conjur v5 to come up, and configuring it...'
45
- ./ci/configure_v5.sh
46
-
47
- local api_key=$(docker-compose exec -T conjur_5 rake 'role:retrieve-key[cucumber:user:admin]')
48
-
49
- echo 'Running tests'
50
- echo '-----'
51
- docker-compose run --rm \
52
- -e CONJUR_AUTHN_API_KEY="$api_key" \
53
- tester_5 rake jenkins_init jenkins_spec jenkins_cucumber_v5
54
- }
55
-
56
- function runTests_4() {
57
- echo 'Waiting for Conjur v4 to come up, and configuring it...'
58
- ./ci/configure_v4.sh
59
-
60
- local api_key=$(docker-compose exec -T conjur_4 su conjur -c "conjur-plugin-service authn env RAILS_ENV=appliance rails r \"puts User['admin'].api_key\" 2>/dev/null")
61
-
62
- echo 'Running tests'
63
- echo '-----'
64
- docker-compose run --rm \
65
- -e CONJUR_AUTHN_API_KEY="$api_key" \
66
- tester_4 rake jenkins_cucumber_v4
67
- }
68
-
69
- main
data/tmp/.keep DELETED
File without changes